Primary

Context

Netwrix Directory Manager Hard-Coded Password Vulnerability

Vulnerability

A hard-coded password vulnerability has been identified in Netwrix Directory Manager versions 11.0.0.0 and prior to 11.1.25134.03. This vulnerability allows authentication as an administrator, potentially compromising Netwrix Directory Manager and any integrated Identity Stores.

Impact

Exploitation of this vulnerability could lead to unauthorized administrative access in Netwrix Directory Manager, allowing for a compromise of the application and its integrated Identity Stores.

Remediation

Netwrix has released a patch for this vulnerability in version 11.1.25134.03. This update is available through the Netwrix Customer Portal. After applying the update, customers are advised to rotate the credentials for all configured Identity Stores.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Netwrix Directory Manager Hard-Coded Password Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating